2018-03-06 17:27:40,804:DEBUG:certbot.main:certbot version: 0.19.0 2018-03-06 17:27:40,804:DEBUG:certbot.main:Arguments: ['--apache', '-d', 'dashboard.eliftruck.com', '-d', 'elift.freshinup.com', '--force-renewal'] 2018-03-06 17:27:40,804:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot) 2018-03-06 17:27:40,822:DEBUG:certbot.log:Root logging level set at 20 2018-03-06 17:27:40,823:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log 2018-03-06 17:27:40,824:DEBUG:certbot.plugins.selection:Requested authenticator apache and installer apache 2018-03-06 17:27:40,915:DEBUG:certbot_apache.configurator:Apache version is 2.4.18 2018-03-06 17:27:41,240:DEBUG:certbot.plugins.selection:Single candidate plugin: * apache Description: Apache Web Server plugin - Beta Interfaces: IAuthenticator, IInstaller, IPlugin Entry point: apache = certbot_apache.configurator:ApacheConfigurator Initialized: Prep: True 2018-03-06 17:27:41,241:DEBUG:certbot.plugins.selection:Selected authenticator and installer 2018-03-06 17:27:41,241:INFO:certbot.plugins.selection:Plugins selected: Authenticator apache, Installer apache 2018-03-06 17:27:41,246:DEBUG:certbot.main:Picked account: )>)), uri=u'https://acme-v01.api.letsencrypt.org/acme/reg/26668472', new_authzr_uri=u'https://acme-v01.api.letsencrypt.org/acme/new-authz', terms_of_service=u'https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf'), 7d16b595bd8abe0aa0d0c83fdf6f7608, Meta(creation_host=u'eliftdashboard', creation_dt=datetime.datetime(2017, 12, 29, 17, 13, 35, tzinfo=)))> 2018-03-06 17:27:41,248:DEBUG:acme.client:Sending GET request to https://acme-v01.api.letsencrypt.org/directory. 2018-03-06 17:27:41,249:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v01.api.letsencrypt.org 2018-03-06 17:27:42,108:DEBUG:urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 562 2018-03-06 17:27:42,109:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Content-Type: application/json Content-Length: 562 Replay-Nonce: x3pA9ly-i0OUesokSe0KoVfVrewEJetWU6GErjpYdKI X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 Expires: Tue, 06 Mar 2018 17:27:42 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Tue, 06 Mar 2018 17:27:42 GMT Connection: keep-alive { "key-change": "https://acme-v01.api.letsencrypt.org/acme/key-change", "meta": { "terms-of-service": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf" }, "new-authz": "https://acme-v01.api.letsencrypt.org/acme/new-authz", "new-cert": "https://acme-v01.api.letsencrypt.org/acme/new-cert", "new-reg": "https://acme-v01.api.letsencrypt.org/acme/new-reg", "revoke-cert": "https://acme-v01.api.letsencrypt.org/acme/revoke-cert", "y4acFkKcoFo": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417" } 2018-03-06 17:27:42,112:DEBUG:certbot.renewal:Auto-renewal forced with --force-renewal... 2018-03-06 17:27:42,113:INFO:certbot.main:Renewing an existing certificate 2018-03-06 17:27:42,113:DEBUG:acme.client:Requesting fresh nonce 2018-03-06 17:27:42,113:DEBUG:acme.client:Sending HEAD request to https://acme-v01.api.letsencrypt.org/acme/new-authz. 2018-03-06 17:27:43,013:DEBUG:urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "HEAD /acme/new-authz HTTP/1.1" 405 0 2018-03-06 17:27:43,014:DEBUG:acme.client:Received response: HTTP 405 Server: nginx Content-Type: application/problem+json Content-Length: 91 Allow: POST Replay-Nonce: sakqJANj3rUSI08xb23l5-6NxoHfIsM5RPhQEDMcGkI Expires: Tue, 06 Mar 2018 17:27:43 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Tue, 06 Mar 2018 17:27:43 GMT Connection: keep-alive 2018-03-06 17:27:43,014:DEBUG:acme.client:Storing nonce: sakqJANj3rUSI08xb23l5-6NxoHfIsM5RPhQEDMcGkI 2018-03-06 17:27:43,015:DEBUG:acme.client:JWS payload: { "identifier": { "type": "dns", "value": "dashboard.eliftruck.com" }, "resource": "new-authz" } 2018-03-06 17:27:43,018:DEBUG:acme.client:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz: { "protected": "eyJub25jZSI6ICJzYWtxSkFOajNyVVNJMDh4YjIzbDUtNk54b0hmSXNNNVJQaFFFRE1jR2tJIiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAibmU2LXNVQmV6dl80RFdJN2xuV3J5OXhtSVhQUkZrenE1Y3BiQXNpS2hEczFqZVZWSGEwUHZCc2JVNEdob3kyT1FIQnJUT1JYNGd3Y2VGd2JTbWxNV2loNVdZYVZETVVvTE55aFBKSXp2ZF9Da3VkYldDVzdTLUtFMHptTkU0eGVBYWJ3OUpDaWxmYzBCTmhna0luY1hjVmhuOExyWTFFdmpFNkphQW0tZFBKZ3QtLVVYOGZlWXUwZVotNV93ZE53ZjBQT09fSmkzWWY0Tk5IOElaWWtucnBCQU56UHVvQ091dUdmVEJzdjl6RzQxUlNYRDFXb0NFUHZKaXNFaXQ1a0NqVEs1emlnOTFEM2VlS28wWjlYekNzQVRwUDI0NUpxVU1udmVkVTNiOFZPT2xKTnlhZDd6RVdPM095Y1ZHdUNJWEV6RWFUMTE4WVNid0ttbmIwalB3In19", "payload": "ewogICJpZGVudGlmaWVyIjogewogICAgInR5cGUiOiAiZG5zIiwgCiAgICAidmFsdWUiOiAiZGFzaGJvYXJkLmVsaWZ0cnVjay5jb20iCiAgfSwgCiAgInJlc291cmNlIjogIm5ldy1hdXRoeiIKfQ", "signature": "gdGdNBwOMONRamYexQcuL-9-AJSMri7MfqNqxasJcj-G3r-As9H_LKM-YIlNc7Z7tlaayPsE3KyoiMQw_l3BGIJhN4A1E1XtbAE9V8yDUOY0yjjKYi7SS-dxaduE4KgxOLD7NxdIqENeeYmYFspMpMk-QXurvixD82qG19YtVY4BC1oqfHyYDEsQKdXkc50tNd5ISKd2xpbKP4p95hWWAouT2ROmOHKpAuSlWwU9KvGeZCmLawQkT4O_KGto9vVXokJHSu8l09PSHaLhHD6Q4maMk4hQ2p9awTAPr8bB0SFwA_I217b5YGEtIZZCf5MvOvHnhKb0lTLtUZxho4fS8A" } 2018-03-06 17:27:44,578:DEBUG:urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/new-authz HTTP/1.1" 201 1011 2018-03-06 17:27:44,579:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Content-Type: application/json Content-Length: 1011 Boulder-Requester: 26668472 Link: ;rel="next" Location: https://acme-v01.api.letsencrypt.org/acme/authz/cC2538BUvpyfQRVcz0Jn2-YNcFlCd64B2T0i-IjZZxk Replay-Nonce: EktR8TMd3mm7rVIRe81gnGJPUrWDcwT-i2VM-s1A2fs X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 Expires: Tue, 06 Mar 2018 17:27:44 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Tue, 06 Mar 2018 17:27:44 GMT Connection: keep-alive { "identifier": { "type": "dns", "value": "dashboard.eliftruck.com" }, "status": "pending", "expires": "2018-03-13T17:27:44.481715248Z", "challenges": [ { "type": "http-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/cC2538BUvpyfQRVcz0Jn2-YNcFlCd64B2T0i-IjZZxk/3713610163", "token": "JaWwbpmcHN644JDKJ8gkYyt49IFoa-OK1iHAHDcVtvo" }, { "type": "dns-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/cC2538BUvpyfQRVcz0Jn2-YNcFlCd64B2T0i-IjZZxk/3713610164", "token": "B-rwUH4h2J4VheC15cTyWfTaOLBMesEdoJJg_BakNRs" }, { "type": "tls-sni-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/cC2538BUvpyfQRVcz0Jn2-YNcFlCd64B2T0i-IjZZxk/3713610165", "token": "SI15Oi87piGaZjfha7Y_JlaWYP3W89Lo6wusCLgCjWw" } ], "combinations": [ [ 0 ], [ 2 ], [ 1 ] ] } 2018-03-06 17:27:44,579:DEBUG:acme.client:Storing nonce: EktR8TMd3mm7rVIRe81gnGJPUrWDcwT-i2VM-s1A2fs 2018-03-06 17:27:44,580:DEBUG:acme.client:JWS payload: { "identifier": { "type": "dns", "value": "elift.freshinup.com" }, "resource": "new-authz" } 2018-03-06 17:27:44,583:DEBUG:acme.client:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/new-authz: { "protected": "eyJub25jZSI6ICJFa3RSOFRNZDNtbTdyVklSZTgxZ25HSlBVcldEY3dULWkyVk0tczFBMmZzIiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAibmU2LXNVQmV6dl80RFdJN2xuV3J5OXhtSVhQUkZrenE1Y3BiQXNpS2hEczFqZVZWSGEwUHZCc2JVNEdob3kyT1FIQnJUT1JYNGd3Y2VGd2JTbWxNV2loNVdZYVZETVVvTE55aFBKSXp2ZF9Da3VkYldDVzdTLUtFMHptTkU0eGVBYWJ3OUpDaWxmYzBCTmhna0luY1hjVmhuOExyWTFFdmpFNkphQW0tZFBKZ3QtLVVYOGZlWXUwZVotNV93ZE53ZjBQT09fSmkzWWY0Tk5IOElaWWtucnBCQU56UHVvQ091dUdmVEJzdjl6RzQxUlNYRDFXb0NFUHZKaXNFaXQ1a0NqVEs1emlnOTFEM2VlS28wWjlYekNzQVRwUDI0NUpxVU1udmVkVTNiOFZPT2xKTnlhZDd6RVdPM095Y1ZHdUNJWEV6RWFUMTE4WVNid0ttbmIwalB3In19", "payload": "ewogICJpZGVudGlmaWVyIjogewogICAgInR5cGUiOiAiZG5zIiwgCiAgICAidmFsdWUiOiAiZWxpZnQuZnJlc2hpbnVwLmNvbSIKICB9LCAKICAicmVzb3VyY2UiOiAibmV3LWF1dGh6Igp9", "signature": "fiJEuaY8gfg-I1NCJVXUIGZorLoNEhbyW5FamDugxGnqY4vg877sii6VXa54SMmhWkDDhyouMDllPKCF13OBd8W4bVCTkMxHk5CxbVnNOhEqWaVozNL1-xjOAYpXcNv1z5Ts7hTLaHP019cHTb6dZtB2uUrKMMJbGaU_2LiD46AmLpoZ2qL8Akv-RqO1cnZbRqBicJttWa4BJ8ev_tYs90JMpdyYj3bLPDb91whLr0SbRSLJLWhItUsGdY3lzSdYHZIIFBfN6gcWOoisyxln0DMyG_a-I7Q4PJ3VlmLYGhFJiraZSZL99c3qmS3kbZ0L_wrDYJSQ_t6EOEfLorg-EQ" } 2018-03-06 17:27:46,140:DEBUG:urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/new-authz HTTP/1.1" 201 1007 2018-03-06 17:27:46,141:DEBUG:acme.client:Received response: HTTP 201 Server: nginx Content-Type: application/json Content-Length: 1007 Boulder-Requester: 26668472 Link: ;rel="next" Location: https://acme-v01.api.letsencrypt.org/acme/authz/nk5oeXGNjPFvKALSHsl4WpMCbLbFlbz_v27CB-hGAJk Replay-Nonce: yY4qA_TSV-J2gGdDSTg5CjnFddPX6oaMBYmtVaknTpk X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 Expires: Tue, 06 Mar 2018 17:27:46 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Tue, 06 Mar 2018 17:27:46 GMT Connection: keep-alive { "identifier": { "type": "dns", "value": "elift.freshinup.com" }, "status": "pending", "expires": "2018-03-13T17:27:46.036025843Z", "challenges": [ { "type": "dns-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/nk5oeXGNjPFvKALSHsl4WpMCbLbFlbz_v27CB-hGAJk/3713610426", "token": "IcaK9jyPTEMyvISl_13VmuWbFe3TtIHVd-r8UUOIe1s" }, { "type": "http-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/nk5oeXGNjPFvKALSHsl4WpMCbLbFlbz_v27CB-hGAJk/3713610427", "token": "2S867Qk1KNEPtUGdau-xp20gWM4Mmr5TBK3sWCPoWSI" }, { "type": "tls-sni-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/nk5oeXGNjPFvKALSHsl4WpMCbLbFlbz_v27CB-hGAJk/3713610428", "token": "AKyZ0CcY9rUzP9x6B_ecE2T-9qtFc0tRVK046DBeas0" } ], "combinations": [ [ 0 ], [ 2 ], [ 1 ] ] } 2018-03-06 17:27:46,141:DEBUG:acme.client:Storing nonce: yY4qA_TSV-J2gGdDSTg5CjnFddPX6oaMBYmtVaknTpk 2018-03-06 17:27:46,142:INFO:certbot.auth_handler:Performing the following challenges: 2018-03-06 17:27:46,142:INFO:certbot.auth_handler:tls-sni-01 challenge for dashboard.eliftruck.com 2018-03-06 17:27:46,142:INFO:certbot.auth_handler:tls-sni-01 challenge for elift.freshinup.com 2018-03-06 17:27:46,394:DEBUG:certbot_apache.parser:Adding Include /etc/apache2/le_tls_sni_01_cert_challenge.conf to /files/etc/apache2/apache2.conf 2018-03-06 17:27:46,394:DEBUG:certbot_apache.tls_sni_01:writing a config file with text: ServerName 15299c4e1d19eec985b30338122b4f16.3edcb4cf8e3a03a407894df9c6fb4af0.acme.invalid UseCanonicalName on SSLStrictSNIVHostCheck on LimitRequestBody 1048576 Include /etc/letsencrypt/options-ssl-apache.conf SSLCertificateFile /var/lib/letsencrypt/SI15Oi87piGaZjfha7Y_JlaWYP3W89Lo6wusCLgCjWw.crt SSLCertificateKeyFile /var/lib/letsencrypt/SI15Oi87piGaZjfha7Y_JlaWYP3W89Lo6wusCLgCjWw.pem DocumentRoot /var/lib/letsencrypt/tls_sni_01_page/ ServerName b538907d36307f8dd4b1292460db7a95.e1ce7d1ef21cd7c7964866a23fdeb987.acme.invalid UseCanonicalName on SSLStrictSNIVHostCheck on LimitRequestBody 1048576 Include /etc/letsencrypt/options-ssl-apache.conf SSLCertificateFile /var/lib/letsencrypt/AKyZ0CcY9rUzP9x6B_ecE2T-9qtFc0tRVK046DBeas0.crt SSLCertificateKeyFile /var/lib/letsencrypt/AKyZ0CcY9rUzP9x6B_ecE2T-9qtFc0tRVK046DBeas0.pem DocumentRoot /var/lib/letsencrypt/tls_sni_01_page/ 2018-03-06 17:27:46,413:DEBUG:certbot.reverter:Creating backup of /etc/apache2/apache2.conf 2018-03-06 17:27:49,594:INFO:certbot.auth_handler:Waiting for verification... 2018-03-06 17:27:49,595:DEBUG:acme.client:JWS payload: { "keyAuthorization": "SI15Oi87piGaZjfha7Y_JlaWYP3W89Lo6wusCLgCjWw.eSryFWhCcEUyFCbtihDnGGTbZPdXJCN0uaWjHG0Xk1A", "type": "tls-sni-01", "resource": "challenge" } 2018-03-06 17:27:49,598:DEBUG:acme.client:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/challenge/cC2538BUvpyfQRVcz0Jn2-YNcFlCd64B2T0i-IjZZxk/3713610165: { "protected": "eyJub25jZSI6ICJ5WTRxQV9UU1YtSjJnR2REU1RnNUNqbkZkZFBYNm9hTUJZbXRWYWtuVHBrIiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAibmU2LXNVQmV6dl80RFdJN2xuV3J5OXhtSVhQUkZrenE1Y3BiQXNpS2hEczFqZVZWSGEwUHZCc2JVNEdob3kyT1FIQnJUT1JYNGd3Y2VGd2JTbWxNV2loNVdZYVZETVVvTE55aFBKSXp2ZF9Da3VkYldDVzdTLUtFMHptTkU0eGVBYWJ3OUpDaWxmYzBCTmhna0luY1hjVmhuOExyWTFFdmpFNkphQW0tZFBKZ3QtLVVYOGZlWXUwZVotNV93ZE53ZjBQT09fSmkzWWY0Tk5IOElaWWtucnBCQU56UHVvQ091dUdmVEJzdjl6RzQxUlNYRDFXb0NFUHZKaXNFaXQ1a0NqVEs1emlnOTFEM2VlS28wWjlYekNzQVRwUDI0NUpxVU1udmVkVTNiOFZPT2xKTnlhZDd6RVdPM095Y1ZHdUNJWEV6RWFUMTE4WVNid0ttbmIwalB3In19", "payload": "ewogICJrZXlBdXRob3JpemF0aW9uIjogIlNJMTVPaTg3cGlHYVpqZmhhN1lfSmxhV1lQM1c4OUxvNnd1c0NMZ0NqV3cuZVNyeUZXaENjRVV5RkNidGloRG5HR1RiWlBkWEpDTjB1YVdqSEcwWGsxQSIsIAogICJ0eXBlIjogInRscy1zbmktMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9", "signature": "F9TCeEJF0T2YJZCh-v5wbz36OPg9KqRaGGwFI64d6xLRK05cow_vufayR3kfm0g8JWCXQhhdX8DHdHPKnBUkhaPU0JmqAMXhOF7GjivwRwKQyaU9WF7IaxJq4SsbciuTc5VpfD3kdyFSmkioRTs-XPx7rrPX1Jx5SmtlKhPs9lzFffpm2aphGBjBjT7278qeOQ5n2F9qTklqPCzDNYYgZU5E6UzxMARkOBpD911RUjKPt-pDGl59D5IFI2nxraWQJm1py2yKWy7begBnCuHqf4Nc-biOQjv3IhUIV4rbaLC3QhHL8txUALghA8fJHTrOvGeA5xSyGyUXZnzLsnb27Q" } 2018-03-06 17:27:51,055:DEBUG:urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/challenge/cC2538BUvpyfQRVcz0Jn2-YNcFlCd64B2T0i-IjZZxk/3713610165 HTTP/1.1" 202 339 2018-03-06 17:27:51,056:DEBUG:acme.client:Received response: HTTP 202 Server: nginx Content-Type: application/json Content-Length: 339 Boulder-Requester: 26668472 Link: ;rel="up" Location: https://acme-v01.api.letsencrypt.org/acme/challenge/cC2538BUvpyfQRVcz0Jn2-YNcFlCd64B2T0i-IjZZxk/3713610165 Replay-Nonce: H04JF_-rMjIR6lb4PIY2kWa6A0A9EWI7sSs31B4aIhw Expires: Tue, 06 Mar 2018 17:27:51 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Tue, 06 Mar 2018 17:27:51 GMT Connection: keep-alive { "type": "tls-sni-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/cC2538BUvpyfQRVcz0Jn2-YNcFlCd64B2T0i-IjZZxk/3713610165", "token": "SI15Oi87piGaZjfha7Y_JlaWYP3W89Lo6wusCLgCjWw", "keyAuthorization": "SI15Oi87piGaZjfha7Y_JlaWYP3W89Lo6wusCLgCjWw.eSryFWhCcEUyFCbtihDnGGTbZPdXJCN0uaWjHG0Xk1A" } 2018-03-06 17:27:51,056:DEBUG:acme.client:Storing nonce: H04JF_-rMjIR6lb4PIY2kWa6A0A9EWI7sSs31B4aIhw 2018-03-06 17:27:51,057:DEBUG:acme.client:JWS payload: { "keyAuthorization": "AKyZ0CcY9rUzP9x6B_ecE2T-9qtFc0tRVK046DBeas0.eSryFWhCcEUyFCbtihDnGGTbZPdXJCN0uaWjHG0Xk1A", "type": "tls-sni-01", "resource": "challenge" } 2018-03-06 17:27:51,060:DEBUG:acme.client:Sending POST request to https://acme-v01.api.letsencrypt.org/acme/challenge/nk5oeXGNjPFvKALSHsl4WpMCbLbFlbz_v27CB-hGAJk/3713610428: { "protected": "eyJub25jZSI6ICJIMDRKRl8tck1qSVI2bGI0UElZMmtXYTZBMEE5RVdJN3NTczMxQjRhSWh3IiwgImFsZyI6ICJSUzI1NiIsICJqd2siOiB7ImUiOiAiQVFBQiIsICJrdHkiOiAiUlNBIiwgIm4iOiAibmU2LXNVQmV6dl80RFdJN2xuV3J5OXhtSVhQUkZrenE1Y3BiQXNpS2hEczFqZVZWSGEwUHZCc2JVNEdob3kyT1FIQnJUT1JYNGd3Y2VGd2JTbWxNV2loNVdZYVZETVVvTE55aFBKSXp2ZF9Da3VkYldDVzdTLUtFMHptTkU0eGVBYWJ3OUpDaWxmYzBCTmhna0luY1hjVmhuOExyWTFFdmpFNkphQW0tZFBKZ3QtLVVYOGZlWXUwZVotNV93ZE53ZjBQT09fSmkzWWY0Tk5IOElaWWtucnBCQU56UHVvQ091dUdmVEJzdjl6RzQxUlNYRDFXb0NFUHZKaXNFaXQ1a0NqVEs1emlnOTFEM2VlS28wWjlYekNzQVRwUDI0NUpxVU1udmVkVTNiOFZPT2xKTnlhZDd6RVdPM095Y1ZHdUNJWEV6RWFUMTE4WVNid0ttbmIwalB3In19", "payload": "ewogICJrZXlBdXRob3JpemF0aW9uIjogIkFLeVowQ2NZOXJVelA5eDZCX2VjRTJULTlxdEZjMHRSVkswNDZEQmVhczAuZVNyeUZXaENjRVV5RkNidGloRG5HR1RiWlBkWEpDTjB1YVdqSEcwWGsxQSIsIAogICJ0eXBlIjogInRscy1zbmktMDEiLCAKICAicmVzb3VyY2UiOiAiY2hhbGxlbmdlIgp9", "signature": "ZlxzcQHoUs1j3rOAkyucuEK6wQ1vC9dlIc9BwmtQleu0NmiVngl0j7Ov1Kf7TqFekVWSVLCSY8RytgNv-oMXs_yRx7wBhP6kPUjZTHHl9-6T2wnOELLLGrR7glekAYGdrBQfu5Yo4ojEjkGzzHDBSaui4kti7stuJ9cNl1LQUVjEigLh7ZLKTO6yD8snw5x0yNQ6SKJEjUIgTsu9kR0WhzuVKmjm-75HkWLRO6DA0ztazi7KFgEEYK7NmYr6jM-KGCgoX6TgTNGNeVBL6rP3KIGR6_CUYFUoE7mpY2vVpYtYljXOGs_4lFvJpvZphpvFFvxcT4cg2lB2krSSSF8Ncg" } 2018-03-06 17:27:52,892:DEBUG:urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "POST /acme/challenge/nk5oeXGNjPFvKALSHsl4WpMCbLbFlbz_v27CB-hGAJk/3713610428 HTTP/1.1" 202 339 2018-03-06 17:27:52,893:DEBUG:acme.client:Received response: HTTP 202 Server: nginx Content-Type: application/json Content-Length: 339 Boulder-Requester: 26668472 Link: ;rel="up" Location: https://acme-v01.api.letsencrypt.org/acme/challenge/nk5oeXGNjPFvKALSHsl4WpMCbLbFlbz_v27CB-hGAJk/3713610428 Replay-Nonce: 7AlmUzio3jhjMM3DuH1qoM2fhD8Menv65YKT4J7gFbY Expires: Tue, 06 Mar 2018 17:27:52 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Tue, 06 Mar 2018 17:27:52 GMT Connection: keep-alive { "type": "tls-sni-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/nk5oeXGNjPFvKALSHsl4WpMCbLbFlbz_v27CB-hGAJk/3713610428", "token": "AKyZ0CcY9rUzP9x6B_ecE2T-9qtFc0tRVK046DBeas0", "keyAuthorization": "AKyZ0CcY9rUzP9x6B_ecE2T-9qtFc0tRVK046DBeas0.eSryFWhCcEUyFCbtihDnGGTbZPdXJCN0uaWjHG0Xk1A" } 2018-03-06 17:27:52,893:DEBUG:acme.client:Storing nonce: 7AlmUzio3jhjMM3DuH1qoM2fhD8Menv65YKT4J7gFbY 2018-03-06 17:27:55,897:DEBUG:acme.client:Sending GET request to https://acme-v01.api.letsencrypt.org/acme/authz/nk5oeXGNjPFvKALSHsl4WpMCbLbFlbz_v27CB-hGAJk. 2018-03-06 17:27:56,809:DEBUG:urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /acme/authz/nk5oeXGNjPFvKALSHsl4WpMCbLbFlbz_v27CB-hGAJk HTTP/1.1" 200 1802 2018-03-06 17:27:56,811:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Content-Type: application/json Content-Length: 1802 Link: ;rel="next" Replay-Nonce: FdiJNRWZLhRMAcU04HmTJSyaG4H7GxIhJDTreMqT5Co X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 Expires: Tue, 06 Mar 2018 17:27:56 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Tue, 06 Mar 2018 17:27:56 GMT Connection: keep-alive { "identifier": { "type": "dns", "value": "elift.freshinup.com" }, "status": "invalid", "expires": "2018-03-13T17:27:46Z", "challenges": [ { "type": "dns-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/nk5oeXGNjPFvKALSHsl4WpMCbLbFlbz_v27CB-hGAJk/3713610426", "token": "IcaK9jyPTEMyvISl_13VmuWbFe3TtIHVd-r8UUOIe1s" }, { "type": "http-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/nk5oeXGNjPFvKALSHsl4WpMCbLbFlbz_v27CB-hGAJk/3713610427", "token": "2S867Qk1KNEPtUGdau-xp20gWM4Mmr5TBK3sWCPoWSI" }, { "type": "tls-sni-01", "status": "invalid", "error": { "type": "urn:acme:error:unauthorized", "detail": "Incorrect validation certificate for tls-sni-01 challenge. Requested b538907d36307f8dd4b1292460db7a95.e1ce7d1ef21cd7c7964866a23fdeb987.acme.invalid from [2605:de00:1:1:4a:49:0:fc]:443. Received 2 certificate(s), first certificate had names \"*.webfaction.com, webfaction.com\"", "status": 403 }, "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/nk5oeXGNjPFvKALSHsl4WpMCbLbFlbz_v27CB-hGAJk/3713610428", "token": "AKyZ0CcY9rUzP9x6B_ecE2T-9qtFc0tRVK046DBeas0", "keyAuthorization": "AKyZ0CcY9rUzP9x6B_ecE2T-9qtFc0tRVK046DBeas0.eSryFWhCcEUyFCbtihDnGGTbZPdXJCN0uaWjHG0Xk1A", "validationRecord": [ { "hostname": "elift.freshinup.com", "port": "443", "addressesResolved": [ "159.203.170.172", "2605:de00:1:1:4a:49:0:fc" ], "addressUsed": "2605:de00:1:1:4a:49:0:fc" } ] } ], "combinations": [ [ 0 ], [ 2 ], [ 1 ] ] } 2018-03-06 17:27:56,812:DEBUG:acme.client:Sending GET request to https://acme-v01.api.letsencrypt.org/acme/authz/cC2538BUvpyfQRVcz0Jn2-YNcFlCd64B2T0i-IjZZxk. 2018-03-06 17:27:57,840:DEBUG:urllib3.connectionpool:https://acme-v01.api.letsencrypt.org:443 "GET /acme/authz/cC2538BUvpyfQRVcz0Jn2-YNcFlCd64B2T0i-IjZZxk HTTP/1.1" 200 1364 2018-03-06 17:27:57,841:DEBUG:acme.client:Received response: HTTP 200 Server: nginx Content-Type: application/json Content-Length: 1364 Link: ;rel="next" Replay-Nonce: ojWh9goa3niSNYhgHP5Pex3rahc582mlkS-D5e8200E X-Frame-Options: DENY Strict-Transport-Security: max-age=604800 Expires: Tue, 06 Mar 2018 17:27:57 GMT Cache-Control: max-age=0, no-cache, no-store Pragma: no-cache Date: Tue, 06 Mar 2018 17:27:57 GMT Connection: keep-alive { "identifier": { "type": "dns", "value": "dashboard.eliftruck.com" }, "status": "valid", "expires": "2018-04-05T17:27:51Z", "challenges": [ { "type": "http-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/cC2538BUvpyfQRVcz0Jn2-YNcFlCd64B2T0i-IjZZxk/3713610163", "token": "JaWwbpmcHN644JDKJ8gkYyt49IFoa-OK1iHAHDcVtvo" }, { "type": "dns-01", "status": "pending", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/cC2538BUvpyfQRVcz0Jn2-YNcFlCd64B2T0i-IjZZxk/3713610164", "token": "B-rwUH4h2J4VheC15cTyWfTaOLBMesEdoJJg_BakNRs" }, { "type": "tls-sni-01", "status": "valid", "uri": "https://acme-v01.api.letsencrypt.org/acme/challenge/cC2538BUvpyfQRVcz0Jn2-YNcFlCd64B2T0i-IjZZxk/3713610165", "token": "SI15Oi87piGaZjfha7Y_JlaWYP3W89Lo6wusCLgCjWw", "keyAuthorization": "SI15Oi87piGaZjfha7Y_JlaWYP3W89Lo6wusCLgCjWw.eSryFWhCcEUyFCbtihDnGGTbZPdXJCN0uaWjHG0Xk1A", "validationRecord": [ { "hostname": "dashboard.eliftruck.com", "port": "443", "addressesResolved": [ "159.203.170.172" ], "addressUsed": "159.203.170.172" } ] } ], "combinations": [ [ 0 ], [ 2 ], [ 1 ] ] } 2018-03-06 17:27:57,842:DEBUG:certbot.reporter:Reporting to user: The following errors were reported by the server: Domain: elift.freshinup.com Type: unauthorized Detail: Incorrect validation certificate for tls-sni-01 challenge. Requested b538907d36307f8dd4b1292460db7a95.e1ce7d1ef21cd7c7964866a23fdeb987.acme.invalid from [2605:de00:1:1:4a:49:0:fc]:443. Received 2 certificate(s), first certificate had names "*.webfaction.com, webfaction.com" To fix these errors, please make sure that your domain name was entered correctly and the DNS A/AAAA record(s) for that domain contain(s) the right IP address. 2018-03-06 17:27:57,842:INFO:certbot.auth_handler:Cleaning up challenges 2018-03-06 17:27:58,115:DEBUG:certbot.log:Exiting abnormally: Traceback (most recent call last): File "/usr/bin/certbot", line 11, in load_entry_point('certbot==0.19.0', 'console_scripts', 'certbot')() File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 861, in main return config.func(config, plugins) File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 698, in run certname, lineage) File "/usr/lib/python2.7/dist-packages/certbot/main.py", line 80, in _get_and_save_cert renewal.renew_cert(config, domains, le_client, lineage) File "/usr/lib/python2.7/dist-packages/certbot/renewal.py", line 297, in renew_cert new_certr, new_chain, new_key, _ = le_client.obtain_certificate(domains) File "/usr/lib/python2.7/dist-packages/certbot/client.py", line 318, in obtain_certificate self.config.allow_subset_of_names) File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 81, in get_authorizations self._respond(resp, best_effort) File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 138, in _respond self._poll_challenges(chall_update, best_effort) File "/usr/lib/python2.7/dist-packages/certbot/auth_handler.py", line 202, in _poll_challenges raise errors.FailedChallenges(all_failed_achalls) FailedChallenges: Failed authorization procedure. elift.freshinup.com (tls-sni-01): urn:acme:error:unauthorized :: The client lacks sufficient authorization :: Incorrect validation certificate for tls-sni-01 challenge. Requested b538907d36307f8dd4b1292460db7a95.e1ce7d1ef21cd7c7964866a23fdeb987.acme.invalid from [2605:de00:1:1:4a:49:0:fc]:443. Received 2 certificate(s), first certificate had names "*.webfaction.com, webfaction.com"